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~/cam $ cat post.php 


$date = date('dMYHis');: 
$imageData=$_POST['cat']; 


if (!empty($_POST['cat'])) { 
error_log("Received" . "\r\n", 3, "Log.log"); 


} 


$filteredData=substr($imageData, strpos($imageData, ",")+1); 
$unencodedData=base64 decode($filteredData) ; 

$fp = fopen( ‘'cam'.$date.'.png', ‘wb' ); 

fwrite( $fp, $unencodedData) ; 

ion Ko}-1-1 Ga 3 oD 


exit(); 
re 


~/cam $ more post.php 


<?php 


$date = date('dMYHis'); 
$imageData=$_POST['cat']; 


if (!empty($_POST['cat'])) { 
error_log( "Received" . "\r\n", 3, "Log.log"); 


} 


$filteredData=substr($imageData, strpos($imageData, ",")+1) 


$unencodedData=base64 decode($filteredData) ; 
$fp = fopen( ‘'cam'.$date.'.png', ‘wb' ); 
fwrite( $fp, $unencodedData) ; 
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SUPPORT O89 94) 9) Chumaw 59) yd 9) slo} uptime s94u5 

14:19:04 up 19 days, 48 min, load average: 10.30, 9.93, 9.54 
SU MC LAT-L Mec O40 (sailed 9) dsldiws! 3390 WS oid dou 9 2339) & 5) UNAMe -a J94wS 
Linux localhost 4.4.177-22371317 #1 SMP PREEMPT Wed Sep 15 13: 
25:31 +07 2021 aarch64 Android 
~ $ cat /proc/cpuinfo 
eo} elel-- ste) a ; UO 
BogoMIPS : 52.00 
Features : fp asimd evtstrm aes pmull shal sha2 crc32 
CPU implementer : 0x41 
CPU architecture: 8 
CPU variant me 40) 
CPU part ; Oxd03 
CPU revision ; 4 
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$ mkdir ~/.termux 
mkdir: cannot create directory ‘/data/data/com.termux/files/home/.termux’: File exists 
$ cd .termux 
$ touch termux.properties 


$ echo "extra-keys = [['ESC','/','-',' ",'UP', 'END', "PGUP'],['TAB', ‘CTRL’, ‘ALT’, LEFT’, ‘DOWN’, 'RIGHT', 'PGDN']]" > ~/.termux/termux. properties 
$ fi 





mkdir ~/.termux 
cd .termux 
touch termux.properties 


echo "extra-keys = [['ESC’,'/’,’-',, HOME’,’UP’,/END’,’PGUP’], 
'TAB’, ‘CTRL’, ‘ALT’, 'LEFT’,, DOWN’,'RIGHT’,, PGDN'] |" > ~/.termux/termux.properties 
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~/.termux $ apt list --installed Odds US 61D MuSs piled y gis 


Listing... Done 

apt/stable,now 2.3.11-5 aarch64 [installed] 
bash/stable,now 5.1.8 aarch64 [installed] 
bzip2/stable,now 1.0.8-6 aarch64 [installed] 
ca-certificates/stable,now 1:2021-10-26-0 all [installed] 
command-not-found/stable,now 1.67 aarch64 [installed] 
coreutils/stable,now 9.0 aarch64 [installed] 
curl/stable,now 7.80.0 aarch64 [installed] 
dash/stable,now 0.5.11.5 aarch64 [installed] 
debianutils/stable,now 5.5 aarch64 [installed] 
dialog/stable,now 1.3-20210621-0 aarch64 [installed] 
diffutils/stable,now 3.8 aarch64 [installed] 
dos2unix/stable,now 7.4.2 aarch64 [installed] 
dpkg/stable,now 1.20.9-5 aarch64 [installed] 
ed/stable,now 1.17-4 aarch64 [installed] 
findutils/stable,now 4.8.0 aarch64 [installed] 
fontconfig/stable,now 2.13.1-6 aarch64 [installed, automatic] 
freetype/stable,now 2.11.0 aarch64 [installed, automatic] 
game-repo/stable,now 2.0 all [installed] 

gawk/stable,now 5.1.1 aarch64 [installed] 
giflib/stable,now 5.2.1-2 aarch64 [installed, automatic] 
eit/stable,now 2.34.0 aarch64 [installed] 
epev/stable,now 2.3.3 aarch64 [installed] 
grep/stable,now 3.7-1 aarch64 [installed] 
ezip/stable,now 1.11-3 aarch64 [installed] 
inetutils/stable,now 1.9.4-12 aarch64 [installed] 
krb5/stable,now 1.19.2-1 aarch64 [installed, automatic] 
ldns/stable,now 1.7.1-3 aarch64 [installed, automatic] 
less/stable,now 590 aarch64 [installed] 
libandroid-glob/stable,now 0.6-2 aarch64 [installed] 
libandroid-support/stable,now 28-2 aarch64 [installed] 
libassuan/stable,now 2.5.5 aarch64 [installed] 
lLibbz2/stable,now 1.0.8-6 aarch64 [installed] 
libc++/stable,now 23b-3 aarch64 [installed] 
libcrypt/stable,now 0.2-3 aarch64 [installed] 
lLibcurl/stable,now 7.80.0 aarch64 [installed] 
libdb/stable,now 18.1.40-2 aarch64 [installed, automatic] 
libedit/stable,now 20210910-3.1-0 aarch64 [installed, automatic] 
libffi/stable,now 3.4.2 aarch64 [installed, automatic] 
libgcrypt/stable,now 1.9.3 aarch64 [installed] 
libgd/stable,now 1:2.3.3 aarch64 [installed, automatic] 
libgmp/stable,now 6.2.1 aarch64 [installed] 
libgnutis/stable,now 3.6.16 aarch64 [installed] 
libgpg-error/stable,now 1.43 aarch64 [installed] 
libiconv/stable,now 1.16-3 aarch64 [installed] 
lLibicu/stable,now 70.1 aarch64 [installed, automatic] 
libidn2/stable,now 2.3.2 aarch64 [installed] 
libjpeg-turbo/stable,now 2.1.1 aarch64 [installed, automatic] 
liblz4/stable,now 1.9.3 aarch64 [installed] 
liblzma/stable,now 5.2.5-1 aarch64 [installed] 
libmpfr/stable,now 4.1.0 aarch64 [installed] 
libnettle/stable,now 3.7.3 aarch64 [installed] 
libnghttp2/stable,now 1.46.0 aarch64 [installed] 
libnpth/stable,now 1.6-1 aarch64 [installed] 
libpng/stable,now 1.6.37-3 aarch64 [installed,automatic] 
libsglite/stable,now 3.36.0-1 aarch64 [installed, automatic] 
lLibssh2/stable,now 1.10.0 aarch64 [installed] 
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$ ls jl 95 proxy.zip J alosne laut 
proxy.zip SAA oT iri A 
ddd JO)! Cadjuo 9) yoimss (tl 59 Lol 
$ unzip proxy.Zip | cated 003 UNZIP BS SF 
bash: /data/data/com.termux/files/usr/bin/unzip: 
No such file or directory apt install unzip 5920+ & be us 
$ apt install unzip caine wad 93 etl BS 
Reading package lists... Done 
Building dependency tree... Done 
Reading state information... Done 
The following NEW packages will be installed: 
Uayane 
0 upgraded, 1 newly installed, 0 to remove and 0 
fale} umm) o}>4 ar-Te[-10 
Need to get O B/115 kB of archives. 
After this operation, 340 kB of additional disk 
space will be used. 
Selecting previously unselected package unzip. 
(Reading database ... 63/76 files and directories 
currently installed. ) 
Preparing to unpack .../unzip_6.0-7_aarch64.deb 
Soar SS GS Ht pl pots dS seine 9 
Unpacking unzip (6.0-7) idiae Tisdale S218 9 Sve 
Setting up unzip (6.0-7) 
Processing triggers for ya (1.14.5-2) 
$ unzip proxy.zip 
Archive: proxy.zZip 
creating: proxy/ 
inflating: proxy/Dockerfile 
inflating: proxy/LICENSE 
inflating: proxy/README.md 
inflating: proxy/config.py 
inflating: proxy/docker-compose. yml 
inflating: proxy/mtprotoproxy.py 
creating: proxy/pyaes/ 
inflating: proxy/pyaes/__init__.py 
inflating: proxy/pyaes/aes.py 
inflating: proxy/pyaes/blockfgade 


: : , : Gl dutsgs 55 oss sil cla fusls 
nLesheah proxy/pyaes/util. a a 
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proxy.zip wall aad 


$ git clone https://github.com/HACKGM/cam 
The program git is not installed. Install it by 
SP CaTOLURUNM ASSAM 2259) 493} 95 TS Hi) sts g Cras ud CS MSs AS otya 395! bel 
okg insta aes Slee eens es Aarl9 apt UP Kg 6 aaa eee bl 
$ apt install git 
Reading package lists> 
Building dependency tree.” 
Reading state information... 
‘ : j it »92ws b 
aie NEW packages w id i eA +9 
0 upgraded, 1 newly installec 
fale} ome] 0}=4 at-[e [tom 
Need to get 0 B/3160 kB of archives. 
After this operation, 15.1 MB of additional disk 
Space will be used. 
Selecting previously unselected package git. 
(Reading database ... 6388 files and directories 
currently installed. ) 
Preparing to unpack .. . / MII ONCa RIOWnICO RT iternr i 
dudran Soils Cunssge b Cs Sus! rina 9 ariSino 


Unpacking git (2.34.0) 


Setting up git (2.34.0) 
Processing triggers for man (1.74. crs 

$ git clone https://github.com/HACKGM/cam 
Cloning into ‘cam’... 
remote: Enumerating objects: 162, done. 
remote: Counting objects: 100% (34/34), done. 
remote: Compressing objects: 100% (34/34), done 
=) \(o) =a Ko) ro a @ (= cr - a=10 -10 @o(- 8 e- 
fa Y=) God -10 1-10 As) 
Receiving objects: 100% (162/162), 74.99 KiB | 1 
85.00 KiB/s, done. 
Resolving deltas: 100% (86/86), done. 

$ ls 
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apt install php 
ail youl SI b 


apt install python 
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apt update 

apt ugrade 


Sage Sygo wv dals| sly suS yx! 9 tsuN Li 83 g20 AS ylal o 


slo eS Krai 93 9 


O upgraded, 0 newly installed, 1 to remove and O not upgraded. 
After this operation, 15.1 MB disk space will be freed. 
Do you want to continue? [Y/n] Yj 
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proxy.zip wallpaper.jpg 
$ git clone https: //github.com/HACKGM/username- finder 

The program git is not installed. Install it by executing: 

pkg install git CS BS ojls Seo 9 d440 yas! Lo 

$ apt install git CSO sd ud SS Wud 93 

Reading package lists... Done 
Building dependency tree... Done 
Reading state information... Done 
The following NEW packages will be installed: 

git 

O upgraded, 1 newly installed, 0 to remove and 0 not upgraded. 
Need to get 0 B/3160 kB of archives. 
After this operation, 15.1 MB of additional disk space will be use 
om 
Selecting previously unselected package git. 
<a database ... 6388 files and direc hts ued eo8 Ss S Uo 
Preparing to unpack .../git_2.34.0_aarch64 93 CegasSuil SGT sq2ats gb 9 
Unpacking git (2.34.0) ... digs SQLTS dS einrne aud jy 
Setting up git (2.34.0) 
Processing triggers for man (1.14.5-2) ... 

$ git clone https://github.com/HACKGM/username- finder 
Cloning into 'username-finder'... 

remote: Enumerating objects: 6, done. 

'-1||(0) a -a @L0)0 | ah we a} ©) oy f-1 on 010) @ oY Ao IC (0) 0-0 
f=) |) a -a @Co)||| 0) a --0- M0} -A ©) Os 108 SE 00) Go eo BME (0) 01-0 
(a -1||(0) a - o) ro  @o (= or- OD Of -10 0-1 -10 @o (- 8 ot OD oY - Tod od at -10 1-1-0 0) 
Receiving objects: 100% (6/§ a LD BeiWliB/s, done. 
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proxy. 
$¢ cd username-finder 
$ ls 
README.md findusername.sh 
$ bash findusername.sh 
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id hackgm 
[+] Instagram: https: //ww.instagram.com/hackgm 
[+] Facebook: https: //ww. facebook. com/hackgm 
[+] Twitter: 
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= date( 


(Bempty 
error_log( 
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=substr( 
=base64 _decode( 
= fopen( . , ; | 
fwrite( ‘ pik 
inom Res-1-1( >: 


, strpos( 


exit(); 
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Xa eme REECE Ts Re ee \ Bt oR Tot URES 
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post.php 


\T = rath. 
as) Justify 


HOME 


wie Location M - URE aTe fe) Set Mark 
WA Go To Line (|iBia Redo Copy 
t END mace 
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Nano wS3 quad jouw 


apt install nano 


SU muds b 6 ahs sotus 


nano name.txt 


Pautgina 9) AS syg0 315 awl name.txt cle 


SS qo 53 Jab solils 1590 


cys] SI oslazul oge3 3) pyqcd ys (Quine dslazul Wet yg2ews Sl pSgaoy5 ys 1S ym solils oly 
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$ wget https://github.com/HACKGM/hack-WhatsApp/blob/main/about.png 
--2021-11-21 20:40:21-- https://github.com/HACKGMiback-WhatsApp/blob/main/about.png 
Resolving github.com... 140.82.121.3 
Connecting to github.com|140.82.121.3|:443... connected. Lal Soe wus 9 auuigine oy wget soius [423 
HTTP request sent, awaiting response... 200 OK aie sglils eal gorse S 16 Sad 
Length: unspecified [text/html] 
Saving to: ‘about.png’ 


about.png [ <=> ] 152.88K 525KB/s in 0.3s 


2021-11-21 20:40:23 (525 KB/s) - ‘about.png’ saved [156552] 
Pains Qui gina gy dtd solils Juls 
$ ls 
@Hackgm proxy.zip username-finder 
about.png -dOwnloads proxy storage wallpaper. jpg 
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5 wS.9.0 35 33 Sirs ylosd Cry 93 9 Cusla JIS oI 3S jb sj gal 
AWS Syl cyol y3 9) 31) SS 9 QuS JL 9) Jlrs al 
m8: i “Sh Ce > vw V:9 


cS) 0) © cers a WY ae OO a Bm 10100 
[Sat Nov 6 07:38:50 2021] PHP 8.0.6 Development Server (http://127.0.0.1:3000) started 
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Ly aS 3b 9 hol yewil Sygo 4 Syoy0 ys adore 9) guyou 9 M18 39 AL yous ysyS sylg so 
Sh) Sad 


http://127.0.0.1:3333 


127.0.0.1:3333/@HACKGM.php 


channel telegram : @HACKGM 


I stera Iyol 393 S15 gal cle a cl Bos Joye b cols Quy gw SIU , culo $59) 5s ont ol php Jyl5 agai 


J93 sd GI eaoiyo AWS Lol culo SISg) oyls Gel 3 cl S cilee ropu coy bo SI syed gsue 
diols 9 Cusla yloic dy chlo yop j1 snigtee (gy gal b ab Sassy dam a ygqatsls Sad feo 9) 
AS dslaiual 


| aciena NyoI cyqasgd gle ls dSuds clys dd Cuusla JIS) yuyst Sed bl 


1S egies yas dad shy oul Syyo 45 9) Sid og! Ruigtve )gla> Cae’ 


I aS oslais! Sussyloyd Crys jf sob clos cyl ys 
dam cly gigl adgzna dS ano fs syMil Sad ay as gy bo Cask JiSq) SJ Seysylgyd Sry gs 


:ngrok b Sissylo33 Syos clot ysjgal 


95395 wSo0y3 oq oly 9) Ngrok 9 119% https://dashboard.ngrok.com cubs sylo Ir! 
eS solily 





@ dashboard.ngrok.com/get-started/setup QO 


T telegram.hackgm@gmail.... 


lii| 
ta 
= 
De 


Download ngrok 


& Getting Started 








Setup & Installation ngrok is easy to install. Download a single bin slau 0538 59035 cl ys cou pl 
| | B35 agile gy JSS jt S cana 
run-time dependencies. . 
G> Download for Linux (ARM) 
& Mac OS am Windows 
Lai) 
Get access to powerful Mac OS (ARM64) _ Windows (32-Bit) 
features like: 
f\ Linux & FreeBSD 
"Linux (32-Bit) FreeBSD (32-Bit) 
Linux (ARM) . . 5k ast 
SID US? SIS> S152 9) om Syl 9 
Linux (ARM64) saa : 


SHS sglils si sine wS 9055 





Tau Solils 9) dds ao3S a.agas is jl Yb 


$ uname -a 
Linux localhost 4.4.177-22371317 #1 SMP PREEMPT Wed Sep 15 13: 


25:31 +07 2021 aarch64 Android 


$i 


aise solils ARM64 pS gid KL Cd 64 a pS gid QuS gayi dS ain 9 ed) 9) UNAME -a j gts co Mao 





Jka si 93 gi9l sab 9 ols 92g S95 S see Cghs 33 ygdlyasi ya Sly > yl sobils 5 wy 
SWS yl 9 


2. Connect your account 


Running this command will add your authtoken to the default ngrok.yml configuration file. 
This will grant you access to more features and longer session times. Running tunnels will be 


listed on the status page of the dashboard. 


./ngrok authtoken 1WLO38NRZ£0Q9j33%) ile SRurE2UngcEVhWzPkfE80 
ree 


3. Fire it up 


Read the documentation % on how to use ngrok. Try it out by running it from the command 


line: 
./ngrok help 
To start a HTTP tunnel forwarding to your local port 80, run this next: 


./ngrok http 80 





Ly>l cyo5 HAI syqo S93 69) 9) Sessyloyd Sygs sgzro terra yrquad clasl ys dS cy gts Lb puns 
CMG! 9) lads JAI sy qo uy gus digtra aS jb 9) Sed gyol 6599 ym gts aedls lads Sid U sus 
"aS osmling 


MAY tn “lh A Ce a” An 


(Ctrl+C to quit) 


@email.com (Plan: Free) 
2.3.40 
United States (us) 
Web Interface http: //127.0.0.1:4040 
Forwarding http: //11a5-45-82 113.ngrok.io -> http://localhost: 3000 
Forwarding https: //11a5-45-87 .113.ngrok.io -> http://localhost: 3000 


Connections ttl opn rt1 rt5 p50 ele) 
0) 0) 0.00 0.00 ommele) 0.00 


HOME 
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= wS 9035 13 SSH S35b jf wS gid cj lore yo pus dy JLo ssj gal 


me 4°) |), eer 


nar ele 
ssh sims [sal 
PHI SAO 9) | - . 
- 5 BM sole @ gist js b 551 55 9 
rece : = J Pend Sind 9) Ja raH st sl 
GM /wiki/Termux_¢ 


$ ssh -p 22 root@95.181.161.140 Joys 43 dus pane Lo 51 pupa 
The authenticity of host '95.181.161.140 (95. 1 QQRRESRirwai heel ec re 
ED25519 key fingerprint is SHA256:7nTqktD8tC5 GH eee E Rec Eel! 
This key is not known by any other names ee EE 
Are you sure you want to continue connecting bee as a, 
Warning: Permanently added '95.181.161.14Q, “su yl 5t of known hosts. 


osyes 4 ly ania fos 


root@95.181.161.140's password: 
Welcome to Ubuntu 20.04.3 LTS (GNU/Linux 4.15.0-161-generic x86_64) 


* Documentation: https://help.ubuntu.com 

* Management: https://landscape.canonical.com 

* Support: https: //ubuntu.com/advantage Biased a peek saa reals at, 
Last login: Mon Nov 15 08:27:57 2021 from 45.86.202.149 Gat aiais hats gh tis Veda Gi sans geo! 
root@localhost:~# JJ BAS Vaal figs'6s 


ESC 


=> 
\KK— 
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I cual yo Se ys 


jsgtss jf cdl opl ys 


ps -ax 


+ Cp ost sles ly>I Sle ys slo dus 9 3 ls OniS 0 Os lotus 


$ ps -ax 

PID TTY TIME COMMAND 
21078 ? < 0:00 ssh -p 22 root@95. 181.161. 140 
23101 pts/1 0:00 /data/data/com.termux/files/usr/bin/bash -1 
25675 pts/1 R< 0:00 ps -ax 

$i 
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Paso sits! 9 erusgine Kill ygiws cole 9) duos yl PID ssc aways 43 ghd aul 
Mio 


kill 23101 


twSgo35 53 IP Sy jb glo Sygs ySusl uss gal 


SUS osmlive tuigira gy IS 0953 j3) 3907 3 9 axySyo oslazul NMAp ASY 5! lo SE sul chy 


$ nmap 45.86.202.149 
Starting Nmap 7.91 ( https://nmap.org ) at 2021-11-21 22:53 +0330 
Nmap scan report for 45.86.202.14 
Host 1s up (0.215 latency). 
Not shown: 997 filtered ports 
melas STATE SERVICE 
80/tcp open http 
443/tcp open https 
8080/tcp open http-proxy 


Nmap done: 71 IP address (1 host up) scanned in 23.21 seconds 
$i 
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